Operational technology environments, such as infrastructure grids, utility distribution networks, industrial control systems, and others, are increasingly the target of cyber-attacks that are evolving to become more frequent and/or more sophisticated. Such attacks may have a dramatic negative impact on the provision of public services, public health, and/or the economics of companies or countries. However, detecting attacks is difficult and traditionally requires the review of large datasets and multiple inputs that are outside traditional sensors. Moreover, even traditional methods of dataset review can fail to detect a cyber-attack that employs a new method or channel of attack that has not been observed before, given that traditional monitoring techniques would not know to look for such an evolved attack.